Linux Kernel rock. c Denial of Service Vulnerability (CVE-2014-9420)

Linux Kernel rock. c Denial of Service Vulnerability (CVE-2014-9420)

Release date:
Updated on:

Affected Systems:
Linux kernel <3.18.1
Description:
Bugtraq id: 71883
CVE (CAN) ID: CVE-2014-9420

Linux Kernel is the Kernel of the Linux operating system.

For versions earlier than Linux kernel 3.18.1, 'fs/isofs/rock. the c 'function rock_continue does not limit the number of consecutive Rock Ridge items, which allows local users to exploit this vulnerability to cause a denial-of-service by constructing an iso9660 graph.

<* Source: P J P
*>

Suggestion:
Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = f54e18f1b831c92f6512d2eedb224cd63d607d3d

The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5

Linux Kernel 3.4.62 LTS is now available for download

How to install Linux kernel 13.10 On Ubuntu 3.12

How to install the 3.16.7 CKT2 kernel in Ubuntu 14.10, Ubuntu 14.04, and its derivative versions

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: